7 Replies

2

Solving an Invalid Signature of PRTG Server.exe

If you suddenly cannot start the PRTG Server.exe anymore after a new installation of PRTG (for example, an update) because of an invalid signature, please check the security settings in the environment you run PRTG. The error message PRTG Webserver could not be started properly. Signature of C:\Program File(x86)\PRTG Network Monitor\64 bit\PRTG Server.exe is not valid. can hint to an issue with the Certification Authority (CA) verification.

This CA issue can result in the following:

PRTG services cannot start.

PRTG setup cannot be executed.

Remote probes cannot update.

Note: The exact path in the error message depends on the directory and Windows version on the computer where you have installed PRTG. For a 32 bit Windows system the error message would be Signature of C:\Program File(x86)\PRTG Network Monitor\32 bit\PRTG Server.exe is not valid.

Digital Signatures and Security Requirements

In certain circumstances in IT environments, security requirements do not allow to download any updates from the internet. In this case it might not be possible to verify the digital signature that is associated with the application PRTG Server.exe, for example. You have to apply updates manually to avoid this issue.

Please first try to install the following root certificates from DigiCert. The first root certificate is sufficient in most cases, but in some cases you will also need the second one. Please import these certificates into the Trusted Root Certificates of the server that runs PRTG and also on remote probe systems:

Notes

Please import the certificates via Microsoft Management Console (MMC) into the certificate store of the local system. Otherwise the certificates might be valid for the current user account only.

Windows Server 2003 does not support SHA-2 certificates out of the box. Please see this article for details.

One of our customers who got the invalid signature message applied the latest Microsoft Root certificates to the system. This made the Trust CA able to verify the digital signature of the PRTG executable file, so PRTG was allowed to start again. If you have similar security settings in your data center, please check the CA verification and try updating your root certificates.

If the previous version works properly, try to reproduce your issue with exactly the same security settings on a spare test computer or virtual machine (for example, use the PRTG freeware edition for this test) . This approach ensures this is not a one-off incident on the current PRTG host.

If the same issue happens again on the test machine, right-click PRTG Server.exe in the 64 bit or 32 bit subfolder of your PRTG installation, open Properties and send us a screenshot of the Signature part. This way, we can check the signature for PRTG delivered by Paessler and propose other solution steps specific to your situation.

1

I had this problem when I installed a trial of PRTG on a Windows Server 2012 R2.
I tried to apply all Windows Updates, but it didn't help.

What solved the issue for me was I had to manually import the CA from Comodo. Download the cert from AddTrustExternalCARoot and follow the guide from Comodo's Knowledgebase.
Slightly modified for Windows Server 2012 R2 but mostly the same.

1

I never had this issue before, but experienced it when upgrading from ver 15.1.13.1312 to ver 16.1.21.1422. Adding the cert linked above to my Trusted Root certificate store resolved it. CN=AddTrust External CA Root

By the way... why do you have something so special? I have many many software in my disconnected environment (no direct access to internet), but fully up-to-date with patches via WSUS... and you are the only software with that issue.

Anti-virus and all the other rsecurity related tools work fine...
... maybe you should consider changing the CA you use or the system you use?

Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.